CompTIA CySA+ Study Guide (3^rd Ed.)
Exam CS0-003
Sybex Study Guide Series

Master key exam objectives and crucial cybersecurity concepts for the updated CompTIA CySA+ CS0-003 exam, along with an online test bank with hundreds of practice questions and flashcards

In the newly revised third edition of CompTIA CySA+ Study Guide: Exam CS0-003, a team of leading security experts and tech educators delivers comprehensive and accurate coverage of every topic and domain covered on the certification exam. You?ll find clear and concise information on critical security topics presented by way of practical, real-world examples, chapter reviews, and exam highlights.

Prepare for the test and for a new role in cybersecurity with the book?s useful study tools, including:

• Hands-on lab exercises and an opportunity to create your own cybersecurity toolkit
• Authoritative discussions of each exam competency, including security operations, vulnerability management, incident response and management, and reporting and communication
• Complimentary access to Sybex's proven library of digital resources, including an online test bank, bonus questions, flashcards, and glossary, all supported by Wiley's support agents who are available 24x7 via email or live chat to assist with access and login questions

Reduce test anxiety and get a head-start learning the on-the-job skills you?ll need on your first day in a cybersecurity career. Or augment your existing CompTIA Security+ certification with an impressive new credential. Fully updated for the newly released CS0-003 exam, CompTIA CySA+ Study Guide: Exam CS0-003, Third Edition is an essential resource for test takers and cybersecurity professionals alike.

Introduction xxi

Assessment Test xxxv

Domain I Security Operations 1

Chapter 1 Today’s Cybersecurity Analyst 3

Chapter 2 System and Network Architecture 37

Chapter 3 Malicious Activity 77

Chapter 4 Threat Intelligence 135

Chapter 5 Reconnaissance and Intelligence Gathering 159

Domain II Vulnerability Management 201

Chapter 6 Designing a Vulnerability Management Program 203

Chapter 7 Analyzing Vulnerability Scans 245

Chapter 8 Responding to Vulnerabilities 293

Domain III Incident Response and Management 341

Chapter 9 Building an Incident Response Program 343

Chapter 10 Incident Detection and Analysis 377

Chapter 11 Containment, Eradication, and Recovery 397

Domain IV Reporting and Communication 421

Chapter 12 Reporting and Communication 423

Chapter 13 Performing Forensic Analysis and Techniques for Incident Response 447

Appendix Answers to Review Questions 489

Index 513

ABOUT THE AUTHORS

MIKE CHAPPLE, PhD, Security+, CySA+, CISSP, is Teaching Professor of Information Technology, Analytics, and Operations at Notre Dame’s Mendoza College of Business. He is a bestselling author of over 25 books and serves as the Academic Director of the University’s Master of Science in Business Analytics program. He holds multiple additional certifications, including the CISSP (Certified Information Systems Security Professional), CySA+ (CompTIA Cybersecurity Analyst), CIPP/US(Certified Information Privacy Professional), CompTIA PenTest+, and CompTIA Security+. Mike provides cybersecurity certification resources at his website, CertMike.com.

DAVID SEIDL, CySA+, CISSP, PenTest+, is Vice President for Information Technology and CIO at Miami University. David co-led Notre Dame’s move to the cloud, and has written multiple cybersecurity certification books.